Password Policy Max Login Attempts too wide
Impact area
Security
Severity
Medium
Affected element
Profile
Org Config
Rule ID
SF-0111
Impact
Allowing too many failed login attempts can open you up to brute force attacks.
Remediation
Limit the number of login failures allowed for a user before the user is locked out.
Time to fix
30 min
References
This rule is linked to Common Weakness Enumeration CWE-521 Weak Password Requirements.